CVE-2019-18181

In CloudVision Portal all releases in the 2018.1 and 2018.2 Code train allows users with read-only permissions to bypass permissions for restricted functionality via CVP API calls through the Configlet Builder modules. This vulnerability can potentially enable authenticated users with read-only access to take actions that are otherwise restricted in the GUI.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:arista:cloudvision_portal:*:*:*:*:*:*:*:*
cpe:2.3:a:arista:cloudvision_portal:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-12-19 19:15

Updated : 2024-02-28 17:28


NVD link : CVE-2019-18181

Mitre link : CVE-2019-18181

CVE.ORG link : CVE-2019-18181


JSON object : View

Products Affected

arista

  • cloudvision_portal